Lenny Zeltser to present free Malware analysis essentials using REMnux webcast
Ahead of the annual European Digital Forensics and Incident Response Summit in Prague this October, Lenny Zeltser, a highly respected IT security researcher and author, will be presenting a free webcast that provides practical advice on malware analysis and reverse-engineering within REMnux, an Ubuntu distribution that incorporates many useful forensics tools.
Zeltser is a GIAC Security Expert (GSE), Senior Faculty Member at the SANS Institute and incident handler at the Internet Storm Center. Zeltser is also a prolific writer, having co-authored the highly regarded books Inside Network Perimeter Security, Malware: Fighting Malicious Code and CyberForensics.
“Though some tasks for analysing Windows malware are best performed on Windows laboratory systems, there is a lot you can do on Linux with the help of free and powerful tools,” explains Zeltser. The webcast offers a practical session that presents some of the most useful REMnux tools to help assess suspicious Windows executable files, explore infection artefacts in a network capture file and examine malicious document and media files.
“If you haven't experimented with Linux-based tools for malware analysis, you've been missing out. And if you've been meaning to begin exploring the field of malware analysis, this talk will help you get started,” Zeltser adds. The free webcast will take place on the 28th of June at 9:30am US/EST (2:30pm BST) and is available at https://www.sans.org/webcasts/forensics-prague-webcast-malware-analysis-essentials-remnux-lenny-zeltser-95379
The webcast will also help students prepare for the upcoming FORENSICS 610: Reverse-Engineering Malware course which Zeltser will be teaching at the SANS Forensics Prague event in October. This session is the first time Zeltser, the primary author of this popular course, has taught in Europe.
“The malware analysis process taught in this class helps incident responders assess the severity and repercussions of a situation that involves malicious software,” explains Zeltser. “It also assists in determining how to contain the incident and plan recovery steps. Forensics investigators also learn how to understand key characteristics of malware present on compromised systems, including how to establish indicators of compromise (IOCs) for scoping and containing the intrusion.”
The course is aimed at individuals with responsibilities in the areas of incident response, forensic investigation, Windows security, and system administration. While the field of reverse-engineering malware is in itself advanced, the course begins by covering this topic from an introductory level and quickly progresses to discuss malware analysis tools and techniques of intermediate complexity.
SANS Forensics Prague runs from October 7th to the 13th and starts with the annual European Digital Forensics and Incident Response Summit, which will include respected experts from the IT security community sharing their knowledge and expertise to help senior practitioners fight cybercrime more effectively. SANS Forensics Prague will also offer courses covering Computer Forensic Analysis, Incident Response, Mobile Device Forensics and Malware Analysis Tools and Techniques.